Thinking on those lines it would be nice to be notified of AD changes also when anything changes, I have seen that done also with powershell queries.

This last one is actually an interesting problem :)

Are we talking about ALL Active Directory objects, or just User objects? Group/contacts?

Get-ADObject would be an obvious cmdlet to look at, but it doesn't return the whenCreated property (which is kinda lame) so in order to get ALL AD changes in a particular timeframe had to pull out the ole ADSI Searcher:

Not sure about making it web based, but creating a GUI with Powershell with something like Powershell studio from Sapien would be possible using the help of existing scripts that are out there already and incorporating it into your own needs. Kind of like the following,

There's a bunch more on here that you can browse through to get the bits and pieces you would need. Also server 2012 includes a ton of new Active Directory command-lets for Powershell making things easier.

I have the full version of Powershell studio 2012 and use it all the time. If you remember the days of Microsoft Visual Basic and the interface it had for creating apps, it's a lot like that in the drag and drop functionality. Makes creating full GUI scripts fast and easy and it helps to learn what is going on behind the scenes as it fill sin a lot of the blanks.

you could make it web based if you have knowledge of creating web pages that can contact web services. You would have to install the Active Directory Web Services (ADWS) feature on your domain controller. And then use the available API's to make web calls you need to the domain controller to create accounts and such. You can do this with PHP/ASPX/C# and probably others.

What I do is I created a custom list in Sharepoint that my HR fills out and when that's saved it sends an alert email to Spcieworks to generate a ticket. From there we run a custom PowerShell script that creates the user and does all the things we want it to. This system would help you cut out a lot of the potential problems that having management create ID's would cause.

Also, the new user creation process in PowerShell (any scripting language, really) is actually a pretty complex thing. My script uses just text based interface and it's a 236 line script! So if this is your first time ever doing anything in PowerShell I would probably suggest several smaller projects first :)

I have a form that creates a ticket already, to capture all the caveats of creating a new user. I just think it is pointless to middleman this process for AD and Exchange if I can automate it. It would only be for a select few who could be taught to use it appropriately obviously.

I expect there would be a few ways to do this. Unlike vbScript, PowerShell isn't supported in the browser (IE at least) so you can't create an HTA to do this. But a simple way would be to have a web page simply drop a text file into a folder, then have a scheduled PowerShell task go out, read the contents of the text file and go through your creation process process. Sending emails out from the script is simple so any notifications you wanted could be done.

Alternatively you could save the data in a SQL database and have your PowerShell script read that (essentially the same process).

You could also have your web page shell out and run a local PowerShell process for the creation process but I expect that would be more difficult (I'm not a web developer so have no idea how hard that would be).

Thinking on those lines it would be nice to be notified of AD changes also when anything changes, I have seen that done also with powershell queries.

This last one is actually an interesting problem :)

Are we talking about ALL Active Directory objects, or just User objects? Group/contacts?

Get-ADObject would be an obvious cmdlet to look at, but it doesn't return the whenCreated property (which is kinda lame) so in order to get ALL AD changes in a particular timeframe had to pull out the ole ADSI Searcher:

We've been using AD templates thus far within Active Directory Users and Computers, but the templates never retain all the granular settings and the minute details. This far, the Z-Hire tools seem like the right direction. Our new hires come in batches at a time, so it would be really nice to dump a list in via CSV and have it spit out a file with their username, password, etc. to give to HR.

EDIT 3/30/17 1506hrs: It appears the folks who make Z-hire 1) have now added a price tag to the product and 2) no longer exit. Their website seems to have gone dark after the first of January.

For those who are still looking for a combination of a great web interface and automated user creation in Active Directory, Exchange, Office 365, etc., check out Adaxes. It's super flexible and can be extensively customized to fit the exact needs of your environment.